mirror of https://github.com/MISP/MISP
Merge branch '5802' into 2.4
commit
d2ff0866a0
|
@ -702,12 +702,20 @@ setBaseURL () {
|
|||
MISP_BASEURL="https://misp.local"
|
||||
# Webserver configuration
|
||||
FQDN='misp.local'
|
||||
else
|
||||
elif [[ "$(checkManufacturer)" == "innotek GmbH" ]]; then
|
||||
MISP_BASEURL='https://localhost:8443'
|
||||
IP=$(ip addr show | awk '$1 == "inet" {gsub(/\/.*$/, "", $2); print $2}' |grep -v "127.0.0.1" |tail -1)
|
||||
sudo iptables -t nat -A OUTPUT -p tcp --dport 8443 -j DNAT --to ${IP}:443
|
||||
# Webserver configuration
|
||||
FQDN='localhost.localdomain'
|
||||
elif [[ "$(checkManufacturer)" == "VMware, Inc." ]]; then
|
||||
MISP_BASEURL='""'
|
||||
# Webserver configuration
|
||||
FQDN='misp.local'
|
||||
else
|
||||
MISP_BASEURL='""'
|
||||
# Webserver configuration
|
||||
FQDN='misp.local'
|
||||
fi
|
||||
}
|
||||
|
||||
|
@ -2652,16 +2660,16 @@ installSupported () {
|
|||
|
||||
if [[ "$1" =~ ^PHP= ]]; then
|
||||
PHP_VER=$(echo $1 |cut -f2 -d=)
|
||||
if [[ "$PHP_VER" == "7.2" ]]; then
|
||||
if [[ "$PHP_VER" == 7.2 ]]; then
|
||||
# Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md')
|
||||
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp72
|
||||
elif [[ "$PHP_VER" == "7.3" ]]; then
|
||||
elif [[ "$PHP_VER" == 7.3 ]]; then
|
||||
# Install PHP 7.4 Dependencies - functionLocation('INSTALL.ubuntu2004.md')
|
||||
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp74
|
||||
elif [[ "$PHP_VER" == "7.4" ]]; then
|
||||
elif [[ "$PHP_VER" == 7.4 ]]; then
|
||||
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
|
||||
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp73
|
||||
elif [[ "$PHP_VER" == "7.0" ]]; then
|
||||
elif [[ "$PHP_VER" == 7.0 ]]; then
|
||||
# Install PHP 7.0 Dependencies - functionLocation('generic/supportFunctions.md')
|
||||
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp70
|
||||
fi
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
; Generated by RHash v1.3.8 on 2020-04-30 at 13:42.00
|
||||
; Generated by RHash v1.3.8 on 2020-04-30 at 15:20.13
|
||||
; Written by Kravchenko Aleksey (Akademgorodok) - http://rhash.sf.net/
|
||||
;
|
||||
; 130750 13:42.00 2020-04-30 INSTALL.sh
|
||||
INSTALL.sh 5B66DBA7E71771AA95A12413E661E00688C03610 18F6997170191327CD2B9E40C1C0120E48EC425D533C4624EB050594B99833CE 6C1DB0EEEE105E73F1125905FD48D057C15DC05794C8ABD2EC24DD31270423B8580992B5EFBBF0E1CDD54228A6899F39 BD545DB6BC3B746A99E2CB738D178C1812EB5AFB9E8D53A172AF282E225CC2644A4AD1A84277FDCCD2C53C3F1FC0EF04758E25226AC1960470D0A4565E21CAB1
|
||||
; 131010 15:20.13 2020-04-30 INSTALL.sh
|
||||
INSTALL.sh 660E0D51D88B57CE5BE725117482207E39371038 DCF69118CD37B43C308FD25E6BADAF03549BAF0FFA2AC11A1E919005D700F4AC 74E03A8054AF2E4BCB90426A3B813F57BF032734AB7B4E9D4F6F96961D7371FB051180BEE8357642EB9CC58603C13DA3 C4D1D02980808A92E8E11C72A49AA354DDEFA71C6E85FAC739645CEDEB4B36415243F7FB4B8BC75B6AE7B5D9660E0F88A35E884EBD51EA107128B0D7FB20C946
|
||||
|
|
|
@ -1 +1 @@
|
|||
5b66dba7e71771aa95a12413e661e00688c03610 INSTALL.sh
|
||||
660e0d51d88b57ce5be725117482207e39371038 INSTALL.sh
|
||||
|
|
|
@ -1 +1 @@
|
|||
18f6997170191327cd2b9e40c1c0120e48ec425d533c4624eb050594b99833ce INSTALL.sh
|
||||
dcf69118cd37b43c308fd25e6badaf03549baf0ffa2ac11a1e919005d700f4ac INSTALL.sh
|
||||
|
|
|
@ -1 +1 @@
|
|||
6c1db0eeee105e73f1125905fd48d057c15dc05794c8abd2ec24dd31270423b8580992b5efbbf0e1cdd54228a6899f39 INSTALL.sh
|
||||
74e03a8054af2e4bcb90426a3b813f57bf032734ab7b4e9d4f6f96961d7371fb051180bee8357642eb9cc58603c13da3 INSTALL.sh
|
||||
|
|
|
@ -1 +1 @@
|
|||
bd545db6bc3b746a99e2cb738d178c1812eb5afb9e8d53a172af282e225cc2644a4ad1a84277fdccd2c53c3f1fc0ef04758e25226ac1960470d0a4565e21cab1 INSTALL.sh
|
||||
c4d1d02980808a92e8e11c72a49aa354ddefa71c6e85fac739645cedeb4b36415243f7fb4b8bc75b6ae7b5d9660e0f88a35e884ebd51ea107128b0d7fb20c946 INSTALL.sh
|
||||
|
|
|
@ -278,16 +278,16 @@ installSupported () {
|
|||
|
||||
if [[ "$1" =~ ^PHP= ]]; then
|
||||
PHP_VER=$(echo $1 |cut -f2 -d=)
|
||||
if [[ "$PHP_VER" == "7.2" ]]; then
|
||||
if [[ "$PHP_VER" == 7.2 ]]; then
|
||||
# Install PHP 7.2 Dependencies - functionLocation('INSTALL.ubuntu1804.md')
|
||||
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp72
|
||||
elif [[ "$PHP_VER" == "7.3" ]]; then
|
||||
elif [[ "$PHP_VER" == 7.3 ]]; then
|
||||
# Install PHP 7.4 Dependencies - functionLocation('INSTALL.ubuntu2004.md')
|
||||
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp74
|
||||
elif [[ "$PHP_VER" == "7.4" ]]; then
|
||||
elif [[ "$PHP_VER" == 7.4 ]]; then
|
||||
# Install PHP 7.3 Dependencies - functionLocation('generic/supportFunctions.md')
|
||||
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp73
|
||||
elif [[ "$PHP_VER" == "7.0" ]]; then
|
||||
elif [[ "$PHP_VER" == 7.0 ]]; then
|
||||
# Install PHP 7.0 Dependencies - functionLocation('generic/supportFunctions.md')
|
||||
[[ -n $CORE ]] || [[ -n $ALL ]] && installDepsPhp70
|
||||
fi
|
||||
|
|
|
@ -151,6 +151,12 @@ class AttributesController extends AppController
|
|||
if (!isset($this->request->data['Attribute'])) {
|
||||
$this->request->data = array('Attribute' => $this->request->data);
|
||||
}
|
||||
if ($this->request->data['Attribute']['distribution'] == 4) {
|
||||
$sg = $this->Event->SharingGroup->fetchAllAuthorised($this->Auth->user(), 'name', 1, $this->request->data['Attribute']['sharing_group_id']);
|
||||
if (empty($sg)) {
|
||||
throw new MethodNotAllowedException(__('Invalid Sharing Group or not authorised.'));
|
||||
}
|
||||
}
|
||||
//
|
||||
// multiple attributes in batch import
|
||||
//
|
||||
|
@ -831,6 +837,12 @@ class AttributesController extends AppController
|
|||
if (!isset($this->request->data['Attribute'])) {
|
||||
$this->request->data = array('Attribute' => $this->request->data);
|
||||
}
|
||||
if ($this->request->data['Attribute']['distribution'] == 4) {
|
||||
$sg = $this->Attribute->Event->SharingGroup->fetchAllAuthorised($this->Auth->user(), 'name', 1, $this->request->data['Attribute']['sharing_group_id']);
|
||||
if (empty($sg)) {
|
||||
throw new MethodNotAllowedException(__('Invalid Sharing Group or not authorised.'));
|
||||
}
|
||||
}
|
||||
$existingAttribute = $this->Attribute->findByUuid($this->Attribute->data['Attribute']['uuid']);
|
||||
// check if the attribute has a timestamp already set (from a previous instance that is trying to edit via synchronisation)
|
||||
// check which attribute is newer
|
||||
|
|
|
@ -699,7 +699,7 @@ class Attribute extends AppModel
|
|||
* Only recorrelate if:
|
||||
* - We are dealing with a new attribute OR
|
||||
* - The existing attribute's previous state is known AND
|
||||
* value, type or disable correlation have changed
|
||||
* value, type, disable correlation or distribution have changed
|
||||
* This will avoid recorrelations when it's not really needed, such as adding a tag
|
||||
*/
|
||||
if (!$created) {
|
||||
|
@ -707,7 +707,9 @@ class Attribute extends AppModel
|
|||
empty($this->old) ||
|
||||
$this->data['Attribute']['value'] != $this->old['Attribute']['value'] ||
|
||||
$this->data['Attribute']['disable_correlation'] != $this->old['Attribute']['disable_correlation'] ||
|
||||
$this->data['Attribute']['type'] != $this->old['Attribute']['type']
|
||||
$this->data['Attribute']['type'] != $this->old['Attribute']['type'] ||
|
||||
$this->data['Attribute']['distribution'] != $this->old['Attribute']['distribution'] ||
|
||||
$this->data['Attribute']['sharing_group_id'] != $this->old['Attribute']['sharing_group_id']
|
||||
) {
|
||||
$this->__beforeSaveCorrelation($this->data['Attribute']);
|
||||
$this->__afterSaveCorrelation($this->data['Attribute'], false, $passedEvent);
|
||||
|
|
|
@ -641,6 +641,12 @@ class Event extends AppModel
|
|||
if (isset($this->data['Event']['info'])) {
|
||||
$this->Correlation->updateAll(array('Correlation.info' => $db->value($this->data['Event']['info'])), array('Correlation.event_id' => intval($this->data['Event']['id'])));
|
||||
}
|
||||
if (isset($this->data['Event']['distribution'])) {
|
||||
$this->Correlation->updateAll(array('Correlation.distribution' => $db->value($this->data['Event']['distribution'])), array('Correlation.event_id' => intval($this->data['Event']['id'])));
|
||||
}
|
||||
if (isset($this->data['Event']['sharing_group_id'])) {
|
||||
$this->Correlation->updateAll(array('Correlation.sharing_group_id' => $db->value($this->data['Event']['sharing_group_id'])), array('Correlation.event_id' => intval($this->data['Event']['id'])));
|
||||
}
|
||||
}
|
||||
if (empty($this->data['Event']['unpublishAction']) && empty($this->data['Event']['skip_zmq']) && Configure::read('Plugin.ZeroMQ_enable') && Configure::read('Plugin.ZeroMQ_event_notifications_enable')) {
|
||||
$pubSubTool = $this->getPubSubTool();
|
||||
|
@ -2150,6 +2156,22 @@ class Event extends AppModel
|
|||
'Object' => array('name', 'meta-category')
|
||||
);
|
||||
foreach ($results as $eventKey => &$event) {
|
||||
if ($event['Event']['distribution'] == 4 && !in_array($event['Event']['sharing_group_id'], $sgids)) {
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => $user['Organisation']['name'],
|
||||
'model' => 'Event',
|
||||
'model_id' => $event['Event']['id'],
|
||||
'email' => $user['email'],
|
||||
'action' => 'fetchEvent',
|
||||
'user_id' => $user['id'],
|
||||
'title' => 'User was able to fetch the event but not the sharing_group it belongs to',
|
||||
'change' => ''
|
||||
));
|
||||
unset($results[$eventKey]); // Current user cannot access sharing_group associated to this event
|
||||
continue;
|
||||
}
|
||||
$this->__attachReferences($user, $event, $sgids, $fields);
|
||||
$event = $this->Orgc->attachOrgsToEvent($event, $fieldsOrg);
|
||||
if (!$options['sgReferenceOnly'] && $event['Event']['sharing_group_id']) {
|
||||
|
@ -2448,7 +2470,11 @@ class Event extends AppModel
|
|||
}
|
||||
foreach ($data as $k => $v) {
|
||||
if ($v['distribution'] == 4) {
|
||||
$data[$k]['SharingGroup'] = $sharingGroupData[$v['sharing_group_id']]['SharingGroup'];
|
||||
if (isset($sharingGroupData[$v['sharing_group_id']])) {
|
||||
$data[$k]['SharingGroup'] = $sharingGroupData[$v['sharing_group_id']]['SharingGroup'];
|
||||
} else {
|
||||
unset($data[$k]); // current user could not fetch the sharing_group
|
||||
}
|
||||
}
|
||||
}
|
||||
return $data;
|
||||
|
@ -3237,10 +3263,10 @@ class Event extends AppModel
|
|||
return array($bodyevent, $body);
|
||||
}
|
||||
|
||||
private function __captureSGForElement($element, $user)
|
||||
private function __captureSGForElement($element, $user, $syncLocal=false)
|
||||
{
|
||||
if (isset($element['SharingGroup'])) {
|
||||
$sg = $this->SharingGroup->captureSG($element['SharingGroup'], $user);
|
||||
$sg = $this->SharingGroup->captureSG($element['SharingGroup'], $user, $syncLocal);
|
||||
unset($element['SharingGroup']);
|
||||
} elseif (isset($element['sharing_group_id'])) {
|
||||
$sg = $this->SharingGroup->checkIfAuthorised($user, $element['sharing_group_id']) ? $element['sharing_group_id'] : false;
|
||||
|
@ -3257,17 +3283,17 @@ class Event extends AppModel
|
|||
|
||||
// When we receive an event via REST, we might end up with organisations, sharing groups, tags that we do not know
|
||||
// or which we need to update. All of that is controlled in this method.
|
||||
private function __captureObjects($data, $user)
|
||||
private function __captureObjects($data, $user, $syncLocal=false)
|
||||
{
|
||||
// First we need to check whether the event or any attributes are tied to a sharing group and whether the user is even allowed to create the sharing group / is part of it
|
||||
if (isset($data['Event']['distribution']) && $data['Event']['distribution'] == 4) {
|
||||
$data['Event'] = $this->__captureSGForElement($data['Event'], $user);
|
||||
$data['Event'] = $this->__captureSGForElement($data['Event'], $user, $syncLocal);
|
||||
}
|
||||
if (!empty($data['Event']['Attribute'])) {
|
||||
foreach ($data['Event']['Attribute'] as $k => $a) {
|
||||
unset($data['Event']['Attribute']['id']);
|
||||
if (isset($a['distribution']) && $a['distribution'] == 4) {
|
||||
$data['Event']['Attribute'][$k] = $this->__captureSGForElement($a, $user);
|
||||
$data['Event']['Attribute'][$k] = $this->__captureSGForElement($a, $user, $syncLocal);
|
||||
if ($data['Event']['Attribute'][$k] === false) {
|
||||
unset($data['Event']['Attribute']);
|
||||
}
|
||||
|
@ -3277,7 +3303,7 @@ class Event extends AppModel
|
|||
if (!empty($data['Event']['Object'])) {
|
||||
foreach ($data['Event']['Object'] as $k => $o) {
|
||||
if (isset($o['distribution']) && $o['distribution'] == 4) {
|
||||
$data['Event']['Object'][$k] = $this->__captureSGForElement($o, $user);
|
||||
$data['Event']['Object'][$k] = $this->__captureSGForElement($o, $user, $syncLocal);
|
||||
if ($data['Event']['Object'][$k] === false) {
|
||||
unset($data['Event']['Object'][$k]);
|
||||
continue;
|
||||
|
@ -3285,7 +3311,7 @@ class Event extends AppModel
|
|||
}
|
||||
foreach ($o['Attribute'] as $k2 => $a) {
|
||||
if (isset($a['distribution']) && $a['distribution'] == 4) {
|
||||
$data['Event']['Object'][$k]['Attribute'][$k2] = $this->__captureSGForElement($a, $user);
|
||||
$data['Event']['Object'][$k]['Attribute'][$k2] = $this->__captureSGForElement($a, $user, $syncLocal);
|
||||
if ($data['Event']['Object'][$k]['Attribute'][$k2] === false) {
|
||||
unset($data['Event']['Object'][$k]['Attribute'][$k2]);
|
||||
}
|
||||
|
@ -3453,6 +3479,24 @@ class Event extends AppModel
|
|||
return 'blocked';
|
||||
}
|
||||
}
|
||||
if ($passAlong) {
|
||||
$this->Server = ClassRegistry::init('Server');
|
||||
$server = $this->Server->find('first', array(
|
||||
'conditions' => array(
|
||||
'Server.id' => $passAlong
|
||||
),
|
||||
'recursive' => -1,
|
||||
'fields' => array(
|
||||
'Server.name',
|
||||
'Server.id',
|
||||
'Server.unpublish_event',
|
||||
'Server.publish_without_email',
|
||||
'Server.internal'
|
||||
)
|
||||
));
|
||||
} else {
|
||||
$server['Server']['internal'] = false;
|
||||
}
|
||||
if ($fromXml) {
|
||||
// Workaround for different structure in XML/array than what CakePHP expects
|
||||
$data = $this->cleanupEventArrayFromXML($data);
|
||||
|
@ -3479,7 +3523,7 @@ class Event extends AppModel
|
|||
return $existingEvent['Event']['id'];
|
||||
} else {
|
||||
if ($fromXml) {
|
||||
$data = $this->__captureObjects($data, $user);
|
||||
$data = $this->__captureObjects($data, $user, $server['Server']['internal']);
|
||||
}
|
||||
if ($data === false) {
|
||||
$failedCapture = true;
|
||||
|
@ -3487,7 +3531,7 @@ class Event extends AppModel
|
|||
}
|
||||
} else {
|
||||
if ($fromXml) {
|
||||
$data = $this->__captureObjects($data, $user);
|
||||
$data = $this->__captureObjects($data, $user, $server['Server']['internal']);
|
||||
}
|
||||
if ($data === false) {
|
||||
$failedCapture = true;
|
||||
|
@ -3548,19 +3592,6 @@ class Event extends AppModel
|
|||
$this->Log = ClassRegistry::init('Log');
|
||||
if ($saveResult) {
|
||||
if ($passAlong) {
|
||||
$this->Server = ClassRegistry::init('Server');
|
||||
$server = $this->Server->find('first', array(
|
||||
'conditions' => array(
|
||||
'Server.id' => $passAlong
|
||||
),
|
||||
'recursive' => -1,
|
||||
'fields' => array(
|
||||
'Server.name',
|
||||
'Server.id',
|
||||
'Server.unpublish_event',
|
||||
'Server.publish_without_email'
|
||||
)
|
||||
));
|
||||
if ($server['Server']['publish_without_email'] == 0) {
|
||||
$st = "enabled";
|
||||
} else {
|
||||
|
@ -3703,6 +3734,23 @@ class Event extends AppModel
|
|||
} else {
|
||||
$existingEvent = $this->findById($id);
|
||||
}
|
||||
if ($passAlong) {
|
||||
$this->Server = ClassRegistry::init('Server');
|
||||
$server = $this->Server->find('first', array(
|
||||
'conditions' => array(
|
||||
'Server.id' => $passAlong
|
||||
),
|
||||
'recursive' => -1,
|
||||
'fields' => array(
|
||||
'Server.name',
|
||||
'Server.id',
|
||||
'Server.unpublish_event',
|
||||
'Server.publish_without_email'
|
||||
)
|
||||
));
|
||||
} else {
|
||||
$server['Server']['internal'] = false;
|
||||
}
|
||||
// If the event exists...
|
||||
$dateObj = new DateTime();
|
||||
$date = $dateObj->getTimestamp();
|
||||
|
@ -3725,7 +3773,7 @@ class Event extends AppModel
|
|||
return(array('error' => 'Event could not be saved: Invalid sharing group or you don\'t have access to that sharing group.'));
|
||||
}
|
||||
} else {
|
||||
$data['Event']['sharing_group_id'] = $this->SharingGroup->captureSG($data['Event']['SharingGroup'], $user);
|
||||
$data['Event']['sharing_group_id'] = $this->SharingGroup->captureSG($data['Event']['SharingGroup'], $user, $server['Server']['internal']);
|
||||
unset($data['Event']['SharingGroup']);
|
||||
if ($data['Event']['sharing_group_id'] === false) {
|
||||
return (array('error' => 'Event could not be saved: User not authorised to create the associated sharing group.'));
|
||||
|
@ -3846,19 +3894,6 @@ class Event extends AppModel
|
|||
if ((!empty($data['Event']['published']) && 1 == $data['Event']['published'])) {
|
||||
// The edited event is from a remote server ?
|
||||
if ($passAlong) {
|
||||
$this->Server = ClassRegistry::init('Server');
|
||||
$server = $this->Server->find('first', array(
|
||||
'conditions' => array(
|
||||
'Server.id' => $passAlong
|
||||
),
|
||||
'recursive' => -1,
|
||||
'fields' => array(
|
||||
'Server.name',
|
||||
'Server.id',
|
||||
'Server.unpublish_event',
|
||||
'Server.publish_without_email'
|
||||
)
|
||||
));
|
||||
if ($server['Server']['publish_without_email'] == 0) {
|
||||
$st = "enabled";
|
||||
} else {
|
||||
|
|
|
@ -54,6 +54,10 @@ class SharingGroup extends AppModel
|
|||
);
|
||||
|
||||
private $__sgoCache = array();
|
||||
private $__sgAuthorisationCache = array(
|
||||
'save' => array(),
|
||||
'access' => array()
|
||||
);
|
||||
|
||||
|
||||
public function beforeValidate($options = array())
|
||||
|
@ -353,6 +357,9 @@ class SharingGroup extends AppModel
|
|||
// returns true if the SG exists and the user is allowed to see it
|
||||
public function checkIfAuthorised($user, $id, $adminCheck = true)
|
||||
{
|
||||
if (isset($this->__sgAuthorisationCache['access'][boolval($adminCheck)][$id])) {
|
||||
return $this->__sgAuthorisationCache['access'][boolval($adminCheck)][$id];
|
||||
}
|
||||
if (Validation::uuid($id)) {
|
||||
$sgid = $this->SharingGroup->find('first', array(
|
||||
'conditions' => array('SharingGroup.uuid' => $id),
|
||||
|
@ -372,8 +379,10 @@ class SharingGroup extends AppModel
|
|||
return false;
|
||||
}
|
||||
if (($adminCheck && $user['Role']['perm_site_admin']) || $this->SharingGroupServer->checkIfAuthorised($id) || $this->SharingGroupOrg->checkIfAuthorised($id, $user['org_id'])) {
|
||||
$this->__sgAuthorisationCache['access'][boolval($adminCheck)][$id] = true;
|
||||
return true;
|
||||
}
|
||||
$this->__sgAuthorisationCache['access'][boolval($adminCheck)][$id] = false;
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -485,7 +494,7 @@ class SharingGroup extends AppModel
|
|||
return $results;
|
||||
}
|
||||
|
||||
public function captureSG($sg, $user)
|
||||
public function captureSG($sg, $user, $syncLocal=false)
|
||||
{
|
||||
$existingSG = !isset($sg['uuid']) ? null : $this->find('first', array(
|
||||
'recursive' => -1,
|
||||
|
@ -501,6 +510,34 @@ class SharingGroup extends AppModel
|
|||
if (!$user['Role']['perm_sharing_group']) {
|
||||
return false;
|
||||
}
|
||||
// check if current user is contained in the SG and we are in a local sync setup
|
||||
if (!empty($sg['uuid'])) {
|
||||
if (isset($this->__sgAuthorisationCache['save'][boolval($syncLocal)][$sg['uuid']])) {
|
||||
$authorisedToSave = $this->__sgAuthorisationCache['save'][boolval($syncLocal)][$sg['uuid']];
|
||||
} else {
|
||||
$authorisedToSave = $this->checkIfAuthorisedToSave($user, $sg);
|
||||
$this->__sgAuthorisationCache['save'][boolval($syncLocal)][$sg['uuid']] = $authorisedToSave;
|
||||
}
|
||||
} else {
|
||||
$authorisedToSave = $this->checkIfAuthorisedToSave($user, $sg);
|
||||
}
|
||||
if (!$user['Role']['perm_site_admin'] &&
|
||||
!($user['Role']['perm_sync'] && $syncLocal ) &&
|
||||
!$authorisedToSave
|
||||
) {
|
||||
$this->Log->create();
|
||||
$entry = array(
|
||||
'org' => $user['Organisation']['name'],
|
||||
'model' => 'SharingGroup',
|
||||
'model_id' => $sg['SharingGroup']['uuid'],
|
||||
'email' => $user['email'],
|
||||
'action' => 'error',
|
||||
'user_id' => $user['id'],
|
||||
'title' => 'Tried to save a sharing group but the user does not belong to it.'
|
||||
);
|
||||
$this->Log->save($entry);
|
||||
return false;
|
||||
}
|
||||
$this->create();
|
||||
$newSG = array();
|
||||
$attributes = array(
|
||||
|
|
|
@ -301,27 +301,27 @@
|
|||
)
|
||||
)
|
||||
);
|
||||
if (!Configure::read('MISP.completely_disable_correlation') && Configure::read('MISP.allow_disabling_correlation')) {
|
||||
$table_data[] = array(
|
||||
'key' => __('Correlation'),
|
||||
'class' => $event['Event']['disable_correlation'] ? 'background-red bold' : '',
|
||||
'html' => sprintf(
|
||||
'%s%s',
|
||||
$event['Event']['disable_correlation'] ? __('Disabled') : __('Enabled'),
|
||||
(!$mayModify && !$isSiteAdmin) ? '' : sprintf(
|
||||
}
|
||||
if (!Configure::read('MISP.completely_disable_correlation') && Configure::read('MISP.allow_disabling_correlation')) {
|
||||
$table_data[] = array(
|
||||
'key' => __('Correlation'),
|
||||
'class' => $event['Event']['disable_correlation'] ? 'background-red bold' : '',
|
||||
'html' => sprintf(
|
||||
'%s%s',
|
||||
$event['Event']['disable_correlation'] ? __('Disabled') : __('Enabled'),
|
||||
(!$mayModify && !$isSiteAdmin) ? '' : sprintf(
|
||||
sprintf(
|
||||
' (<a onClick="getPopup(%s);" style="%scursor:pointer;font-weight:normal;">%s</a>)',
|
||||
sprintf(
|
||||
' (<a onClick="getPopup(%s);" style="%scursor:pointer;font-weight:normal;">%s</a>)',
|
||||
sprintf(
|
||||
"'%s', 'events', 'toggleCorrelation', '', '#confirmation_box'",
|
||||
h($event['Event']['id'])
|
||||
),
|
||||
$event['Event']['disable_correlation'] ? 'color:white;' : '',
|
||||
$event['Event']['disable_correlation'] ? __('enable') : __('disable')
|
||||
)
|
||||
"'%s', 'events', 'toggleCorrelation', '', '#confirmation_box'",
|
||||
h($event['Event']['id'])
|
||||
),
|
||||
$event['Event']['disable_correlation'] ? 'color:white;' : '',
|
||||
$event['Event']['disable_correlation'] ? __('enable') : __('disable')
|
||||
)
|
||||
)
|
||||
);
|
||||
}
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
@ -542,12 +542,20 @@ setBaseURL () {
|
|||
MISP_BASEURL="https://misp.local"
|
||||
# Webserver configuration
|
||||
FQDN='misp.local'
|
||||
else
|
||||
elif [[ "$(checkManufacturer)" == "innotek GmbH" ]]; then
|
||||
MISP_BASEURL='https://localhost:8443'
|
||||
IP=$(ip addr show | awk '$1 == "inet" {gsub(/\/.*$/, "", $2); print $2}' |grep -v "127.0.0.1" |tail -1)
|
||||
sudo iptables -t nat -A OUTPUT -p tcp --dport 8443 -j DNAT --to ${IP}:443
|
||||
# Webserver configuration
|
||||
FQDN='localhost.localdomain'
|
||||
elif [[ "$(checkManufacturer)" == "VMware, Inc." ]]; then
|
||||
MISP_BASEURL='""'
|
||||
# Webserver configuration
|
||||
FQDN='misp.local'
|
||||
else
|
||||
MISP_BASEURL='""'
|
||||
# Webserver configuration
|
||||
FQDN='misp.local'
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue